A major interstate natural gas pipeline association believes that an existing voluntary system with the Transportation Security Administration (TSA) for dealing with cyber attacks “is the way to go,” a spokeswoman said.

In a Congressional Research Service report — “Pipeline Cybesecurity: Federal Policy” — issued in August, “TSA officials [asserted] that security regulations could be counter-productive because they could establish a general standard below the level of security already in place at many pipeline companies based on their company-specific security assessments,” wrote Donald Santa, president of the Interstate Natural Gas Association of America (INGAA), in a letter Monday to Senate Commerce Committee Chairman John D. Rockefeller IV (D-WV).

Moreover, the report noted that “because TSA believes the most critical U.S. pipeline systems generally meet or exceed industry security guidance, the agency believes it achieves better security with voluntary guidelines, and maintains a more cooperative and collaborative relationship with its industry partners as well.”

INGAA “agrees with these comments. INGAA members have a strong record of working voluntarily and successfully with TSA to develop, maintain and update effective cyber security guidelines, which have been implemented across our industry,” Santa said.

“Unlike this dynamic approach, a regulatory regime that requires notice and comment rulemaking would be unable to keep pace with the ever-changing cyber threats and vulnerabilities emerging globally. The key to effective cyber security is the trust developed in a strong private sector partnership with law enforcement and intelligence agencies, as well as with the TSA. This is not possible when government cyber security regulators merely enforce federal regulation with civil penalties,” he said.

“Rather than focusing on new regulatory authority, INGAA supports federal action that could result in enhancing information-sharing opportunities and tools between national security agencies and the owners and operators of critical infrastructure.”

An advocate of strong cyber security laws, Rockefeller in August fired off a series of letters to executives of Fortune 500 companies, challenging them to play a leading role in reforming cyber security laws and to “distinguish their solutions-oriented cyber security leadership from the obstructionist politics of beltway lobbying organizations such as the U.S. Chamber of Commerce.”

Rockefeller urged President Obama to issue an executive order after the Cybersecurity Act of 2012 was blocked in Congress (see Daily GPI, Sept. 13). Even with an executive order, Rockefeller said he believes there will remain a need for legislation to fully address American cyber threat readiness.

©Copyright 2012Intelligence Press Inc. All rights reserved. The preceding news reportmay not be republished or redistributed, in whole or in part, in anyform, without prior written consent of Intelligence Press, Inc.